Lead Assessor | seves-consulting

Responsibilities:

Manage a system assessment from initiation to final reporting in accordance with the NISTIR 8011, Automation Support for Security Control Assessments
Lead a team of assessors to fully and accurately evaluate a system’s security posture
Assist in process improvement and automation for the assessment methodology
Conduct technical evaluation of information system design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework
Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
Review program documentation such as Risk Assessments, Security Plans, and Contingency Plans
Create project deliverables accurately and on time, as required

Qualifications:

Must be able to obtain and sustain a Census Bureau Public Trust clearance
US Citizen able to pass a Government Background Check
7+ years experience with Federal Accreditation testing, a degree can be substituted for some years of experience
Understanding of the operation of data base systems (Oracle, My SQL, MapReduce, etc.)
Understanding of System Security design (3-zone, proxies, etc.)
Understanding of application development methods (Dev/Ops specifically)
Understanding of systems hardening methods and standards (GPOs, STIGS, etc.)
Experience in Unix/Linux, Windows systems
Understanding of network-based protection systems
Understanding of information management and protection systems (AV, Patch management, etc.)
Knowledge of FedRAMP process
Expertise in NIST 800-53 requirements and implementation
Experience in performing risk assessments and developing risk assessment reports
CISSP, CAP, CISA, or equivalent certifications
Candidate must be a great communicator (both written and verbal) and be able to work with a group as well as independently
Must be available/able to travel up to 25%

* This role is for a 1099 position and does not include any benefits.